Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/D0L0LFndzzXtixPyXy6YiMbyR7Q.roa
File: D0L0LFndzzXtixPyXy6YiMbyR7Q.roa (raw, json)
Hash identifier: le65wEoYAgLiuW7LHDLfiJaMqsJkMNtdkgbBI9+aSho=
Subject key identifier: 0F:42:F4:2C:59:DD:CF:35:ED:8B:13:F2:5F:2E:98:88:C6:F2:47:B4
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 01942747B0AEF9A4CD1183284EA4A842298B
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/D0L0LFndzzXtixPyXy6YiMbyR7Q.roa
Signing time: Thu 02 Jan 2025 13:49:57 +0000
ROA not before: Thu 02 Jan 2025 13:49:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211936
IP address blocks: 77.90.156.0/24 maxlen: 24
77.90.184.0/24 maxlen: 24
213.209.136.0/24 maxlen: 24
213.209.149.0/24 maxlen: 24
213.209.156.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.mft
rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 13:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:b0:ae:f9:a4:cd:11:83:28:4e:a4:a8:42:29:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jan 2 13:49:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0f42f42c59ddcf35ed8b13f25f2e9888c6f247b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:23:99:cf:a0:b7:3c:78:5d:ec:37:f8:44:d5:
10:ac:54:b7:b7:c3:26:f9:bf:29:1d:0d:a4:5d:64:
20:51:b8:7f:37:a5:5b:b4:bc:8d:07:15:0a:63:e4:
b1:64:40:dc:83:8c:9c:3f:fa:01:c3:b3:84:ba:96:
a9:e5:62:76:f3:ad:cd:f5:25:f2:c1:44:2a:9b:56:
08:ea:cb:d1:52:b1:6b:7c:d7:b3:55:a3:d9:3c:36:
10:f7:85:9e:70:9d:69:40:8c:c4:f1:86:f1:06:6b:
3c:42:1d:a5:db:2a:51:9c:c1:ef:bb:37:af:2e:1b:
3e:19:94:95:86:6e:0a:2e:f1:d5:ec:85:5f:6a:91:
8e:fa:8f:a7:d1:51:e3:09:a7:6c:74:ae:41:bd:5f:
74:79:76:8b:7d:e6:50:7b:80:a9:d5:b4:e8:53:3e:
63:88:d7:8e:82:07:5b:f2:ee:5e:3a:67:82:09:04:
49:8b:f3:37:17:6f:6b:48:01:90:63:19:9e:fb:aa:
cc:1d:fa:8e:77:8b:c8:87:3c:18:65:e4:cd:c2:8a:
d4:87:1a:21:1a:4f:99:d6:a0:c4:1e:a3:58:d8:06:
1f:5c:b2:02:4a:3a:7d:69:fb:f9:d2:9d:a3:76:4d:
4c:af:1d:a4:4a:5b:33:5f:34:bc:e6:f9:a6:24:f3:
05:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:42:F4:2C:59:DD:CF:35:ED:8B:13:F2:5F:2E:98:88:C6:F2:47:B4
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/D0L0LFndzzXtixPyXy6YiMbyR7Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.156.0/24
77.90.184.0/24
213.209.136.0/24
213.209.149.0/24
213.209.156.0/24
Signature Algorithm: sha256WithRSAEncryption
02:9d:7e:2f:20:e2:12:50:96:32:7b:d1:6d:f5:7b:e1:3c:c7:
7f:c9:a0:3b:47:fb:dc:2c:07:60:a3:42:f0:48:09:15:69:1b:
b8:f2:b5:3e:73:42:b7:8f:27:ef:0b:65:a6:12:04:df:fe:26:
2e:e2:85:0c:e3:c7:91:24:06:6a:c6:77:b0:cc:7c:c4:32:83:
3c:35:d3:d7:6d:5e:3f:de:41:43:00:ab:fa:21:8e:29:71:22:
1f:b0:bc:59:40:b6:cb:51:fc:56:51:5f:26:5e:ab:db:7d:48:
b5:c7:43:80:6b:ea:31:5f:37:52:57:83:32:9d:17:05:8f:e0:
4b:b8:78:bd:6a:cc:37:d7:c3:b3:71:b0:b6:2c:97:45:12:1e:
4a:41:1d:eb:51:7d:a0:71:f4:3a:12:0e:c6:2a:88:c5:a3:c0:
09:0d:7c:9c:4e:a3:2d:90:b6:ae:1e:bf:a3:25:72:a9:33:0c:
ab:72:c9:1e:39:e4:4b:33:20:c4:77:fe:96:5b:ee:7e:9d:d8:
ea:df:f6:f5:65:68:f1:7d:19:bb:6e:6b:32:ed:f6:27:8d:ba:
5f:b7:05:77:63:21:ef:34:be:22:77:bb:d7:83:a4:e9:af:e1:
96:1b:29:ae:6b:61:2a:e3:3d:1a:9b:de:35:62:f1:ce:59:e9:
7c:45:98:cc
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQnR7Cu+aTNEYMoTqSoQimLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjUwMTAyMTM0OTU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjQyZjQyYzU5ZGRjZjM1ZWQ4YjEzZjI1ZjJlOTg4OGM2ZjI0N2I0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtSOZz6C3PHhd7Df4RNUQrFS3t8Mm
+b8pHQ2kXWQgUbh/N6VbtLyNBxUKY+SxZEDcg4ycP/oBw7OEupap5WJ2863N9SXy
wUQqm1YI6svRUrFrfNezVaPZPDYQ94WecJ1pQIzE8YbxBms8Qh2l2ypRnMHvuzev
Lhs+GZSVhm4KLvHV7IVfapGO+o+n0VHjCadsdK5BvV90eXaLfeZQe4Cp1bToUz5j
iNeOggdb8u5eOmeCCQRJi/M3F29rSAGQYxme+6rMHfqOd4vIhzwYZeTNworUhxoh
Gk+Z1qDEHqNY2AYfXLICSjp9afv50p2jdk1Mrx2kSlszXzS85vmmJPMFfwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFA9C9CxZ3c817YsT8l8umIjG8ke0MB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvRDBMMExGbmR6elh0aXhQeVh5NllpTWJ5UjdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQATVqcAwQA
TVq4AwQA1dGIAwQA1dGVAwQA1dGcMA0GCSqGSIb3DQEBCwUAA4IBAQACnX4vIOIS
UJYye9Ft9XvhPMd/yaA7R/vcLAdgo0LwSAkVaRu48rU+c0K3jyfvC2WmEgTf/iYu
4oUM48eRJAZqxnewzHzEMoM8NdPXbV4/3kFDAKv6IY4pcSIfsLxZQLbLUfxWUV8m
XqvbfUi1x0OAa+oxXzdSV4MynRcFj+BLuHi9asw318OzcbC2LJdFEh5KQR3rUX2g
cfQ6Eg7GKojFo8AJDXycTqMtkLauHr+jJXKpMwyrcskeOeRLMyDEd/6WW+5+ndjq
3/b1ZWjxfRm7bmsy7fYnjbpftwV3YyHvNL4id7vXg6Tpr+GWGymua2Eq4z0am941
YvHOWel8RZjM
-----END CERTIFICATE-----
Generated at Sat Apr 5 23:16:38 2025 by rpki-client